Don’t open that zip file in your email that you got from some strange person you’ve never heard of!

Make sure you back up your computer – especially your really important files!

[One of my saddest days at work ever was trying to help a lady who had her entire thesis on one floppy disk that was now toast. Months of work – gone!]

But what’s this all about?

Hacking is one thing – but what if someone hacks your car? While you’re in it!

It turns out that there have been some proven hacks of car computers while people were driving in them.

A security company purchased a 2014 Jeep Cherokee, and (over a period of several months) were able to attack it remotely.

They managed to connect in via the mobile network and were able to affect the following systems:

At low speeds (5-10 mph):

Engine shutdown

Disable brakes

Steering

At any speed:

Door locks

Turn signal

Tachometer

Pump up the radio volume, the bass, changing the channel

Setting the heating, ventilating and air conditioning fan to arbitrary speeds

Tracking the cars GPS coordinates

In this case, the company is friendly. The attack resulted in a white paper being produced and a recall and update of the affected cars. There are plenty of hacking examples where the results are not so friendly.

How to prevent this happening to your car

The FBI advises that you do the following:

Ensure your vehicle software is up to date.
As mentioned, I’m sceptical that software updates will happen regularly.

Be careful when making any modifications to vehicle software.
Another way to put this is.. I really hope that you trust your mechanic.

Maintain awareness and exercise discretion when connecting third-party devices to your vehicle.
This is a short way of saying that buying a cheap no-name car diagnostics instrument from the Internet may not give you the results you expected. They can also be used as a way to hack into your car.

Be aware of who has physical access to your vehicle.As with all hacking, it is extremely difficult to prevent hacking if someone has direct access to the computer. The trouble is, it is not that hard to get direct access to someone’s car. If you really wanted to do it, a short distraction at a petrol station (for example) is all that’s needed.

Overall, it looks like if you really wanted to hack a car (and had a known vulnerability that you could exploit), it would be difficult to stop.

Leon Troeth

29/03/2016 at 8:12 pm

Better still.. now we have the chance to take our cars in for a service, have some buggy update installed and drive it home worse than when it was taken in. We’ll have to start checking out the car software release schedule to see when it’s safe!